package com.jy.framework.sys.shiro.exten.aop;

import com.jy.framework.annotation.RequiresAction;
import org.apache.shiro.aop.AnnotationResolver;
import org.apache.shiro.aop.MethodInvocation;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.aop.AuthorizingAnnotationMethodInterceptor;

public class ActionAnnotationMethodInterceptor
        extends AuthorizingAnnotationMethodInterceptor {

    public ActionAnnotationMethodInterceptor() {
        super(new ActionAnnotationHandler());
    }

    public ActionAnnotationMethodInterceptor(AnnotationResolver resolver) {
        super(new ActionAnnotationHandler(), resolver);
    }

    @Override
    public void assertAuthorized(MethodInvocation mi) {
        // TODO Auto-generated method stub
        try {
            ActionAnnotationHandler handler = (ActionAnnotationHandler) getHandler();
            Class clz = mi.getThis().getClass();
            String obj = clz.getSimpleName();
            String[] names = obj.split("\\$");
            StringBuilder sb = new StringBuilder();
            sb.append(names[0]);
            sb.append(":");

//			String authority = mi.getMethod().getName();
            String authority = "list";
            RequiresAction requiresAction = mi.getMethod().getAnnotation(RequiresAction.class);
            if (requiresAction != null) {
                authority = requiresAction.value();
            }
            sb.append(authority);

            System.out.println("action is " + sb.toString());

            handler.setActionPermission(sb.toString());
            handler.assertAuthorized(this.getAnnotation(mi));
        } catch (AuthorizationException ae) {
            // Annotation handler doesn't know why it was called, so add the information here if possible.
            // Don't wrap the exception here since we don't want to mask the specific exception, such as
            // UnauthenticatedException etc.
            if (ae.getCause() == null) {
                ae.initCause(new AuthorizationException("Not authorized to invoke method: " + mi.getMethod()));
            }
            throw ae;
        }

    }


}
